Name of the Vulnerable Software and Affected Versions No specific software or versions are mentioned.

Description The issue concerns a pairing procedure where a GUI component presents a deviceName to identify peer devices. This deviceName is under attacker control and is transmitted in cleartext via UDP broadcast messages, allowing malicious devices to potentially confuse users by requesting a pairing under the same deviceName to gain system access. To mitigate this, a sha256 fingerprint of the concatenated public keys of the involved certificates is now displayed, with a prefix of 8 hex digits shown initially and the full fingerprint accessible via a "view key" button.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.